.. / CVE-2008-6982

Exploit for Devalcms 1.4a - Cross-Site Scripting (CVE-2008-6982)

Description:

Devalcms 1.4a contains a cross-site scripting vulnerability in the currentpath parameter of the index.php file.

Nuclei Template

View the template here CVE-2008-6982.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2008/CVE-2008-6982.yaml

References:

https://exchange.xforce.ibmcloud.com/vulnerabilities/44940
https://www.exploit-db.com/exploits/6369
https://github.com/ARPSyndicate/kenzer-templates
https://nvd.nist.gov/vuln/detail/CVE-2008-6982
http://sourceforge.net/projects/devalcms/files/devalcms/devalcms-1.4b/devalcms-1.4b.zip/download